Cisco Duo Reviews

Cisco Duo is used for multi-factor authentication for VPN users and remote access users. I only use the MFA feature of Cisco Duo, and the application is excellent. The dashboards and everything about managing the product is clean and intuitive.

Cisco Duo benefits the company by increasing the security footprint, and it is easy to manage users, disable users, or bypass if needed in case of an emergency. The MFA feature is particularly strong, with an excellent application interface. The dashboards and everything about managing the product is clean and intuitive.

I have not implemented Cisco Duo's end-to-end phishing resistance with capabilities such as proximity verification. I am very happy with Cisco Duo as it is and would not be able to name a feature that could be improved. It was easy to set up and manage, making it an excellent product.

I am uncertain whether Cisco Duo should focus on AI or cost-effectiveness. It is not an expensive product for our company size, and I am unsure what AI could benefit in the solution.

I have been working in my area of expertise for about 12 years.

I have not experienced any downtime with Cisco Duo proxy or the Cisco Duo service in the setup. The only downtime occurs when upgrading the proxy server.

Cisco Duo scales with the growing needs of the company straightforwardly. I have not implemented the other features of Cisco Duo such as Passport, but purchasing more licenses and adding more users is simple.

I have never had to reach out to Cisco Duo's customer service or technical support, so I cannot comment from experience, but I am confident they are competent at what they do.

Prior to adopting Cisco Duo, I was using YubiKey.

Before choosing Cisco Duo, I considered YubiKey. I had been using YubiKey for some time, but when evaluating a platform to perform multi-factor authentication for the organization, I advocated strongly for Cisco Duo because I had been using the Cisco Duo product for a long time for all two-factor authentication needs, and I was already satisfied with the product.

I did not set up YubiKey, so I am not familiar with its technical specifications. YubiKey is a physical key on a keychain that is inserted into a USB port, and they are prone to breaking. Cisco Duo has always been on my mobile phone, making it simple to transfer everything when my phone breaks or I receive a new one.

My experience with deploying Cisco Duo was straightforward, following the documentation. The only issue I encountered was that the documentation was somewhat outdated regarding the file structure of Cisco Duo proxy, but this was not difficult to resolve in a few minutes.

I started the implementation, and then another project took priority, which is why Cisco Duo Directory has not been deployed.

Pricing for Cisco Duo is good, at least for the company size and scale. The setup process was simple. Cisco Duo provides excellent documentation on everything from the proxy and the RADIUS, and how the two should connect. It was a straightforward process, and I was up and running in about one day.

Before choosing Cisco Duo, I considered YubiKey. I had been using YubiKey for some time, but when evaluating a platform to perform multi-factor authentication for the organization, I pushed hard for Cisco Duo because I had been using the Cisco Duo product for a long time for all two-factor authentication needs, and I was already satisfied with the product.

I have tried Cisco Duo Directory to manage user identities, but it has not been deployed yet.

I am not currently using Cisco Identity Intelligence.

I have not noticed any increase in phishing attacks in the company recently.

I would rate Cisco Duo a 10 because it is easy to manage, quick to set up, and offers good value for the price point, contributing to the organization's security. I would recommend going straight with Cisco Duo because it offers probably the best value for the price point, and setup is quick to reach a testing phase.

Cisco Duo has not helped the company reduce overall authentication-related costs, but the organization does gain value from it, even though there is a cost involved.

My main use case for Cisco Duo is providing MFA for all of our users and use cases.

The first focus with Cisco Duo is securing externally available applications, such as SaaS applications. Mostly, we ingest or enforce Cisco Duo via our SSO IDP point because then we do not have to worry about the native integration with whatever application we are trying to secure. If it is SSO capable, we inject Cisco Duo into that.

When it came about, I was a big fan of the risk-based authentication feature of Cisco Duo. That was a big win. Additionally, the Verified Push after the Cisco breach was important, as Cisco recognized that they had to do something about that and they came up with the Verified Push, which is also a very good idea. Nowadays, if I would have known a couple years back what I know today, I would not have worried about that too much because I would have just moved over to passwordless and phishing-resistant MFA means in the first place.

The major improvement I would suggest for Cisco Duo would have been to collaborate with Microsoft more closely and get positioned in a way as a recognized MFA authentication method on Entra. Since Microsoft forced all of their customers to enforce MFA when logging into anything in the Microsoft universe, Cisco Duo was not a recognized way of doing that. It was enforced as an external authentication method, as Microsoft calls it, and it was not a native Cisco Duo integration. Even the external one was not possible to select as a default, so we had to use something else along with it, which for us was Microsoft. That was very annoying.

Cisco Duo did not help reduce the cost of the overall authentication method that we have in our company; instead, it increased, obviously. Cisco Duo was the first technology that we introduced, which had to not just change or implement a certain technology. That was the easy part; the hard part was changing the habits and the culture, getting people to accept what MFA is and to go through the hassle of MFA every single time. The total cost of ownership increased, along with the implementation and the license cost, as well as the reluctance of users to handle IT systems. Security is always a fine balance, where we have to explain to the users what we are doing, why we are doing it, and not overdo it.

Where it lagged behind a lot is in the RDP integration, because we have users, especially in Germany or other jurisdictions, where we cannot force users to use their phone. Therefore, we had to give them some kind of Passkeys, and they are not supported in every use case, or if they are accepted, it is extremely tedious. With standards such as OAuth or FIDO2, that can vastly be improved. Apart from that, it is a very solid MFA solution.

I have been using Cisco Duo for seven or eight years.

Regarding the stability and reliability of Cisco Duo, it is very good. It always does exactly what it is supposed to do, with no downtime over the years that we have had it in use, despite the issues I mentioned with Microsoft, where we were not able to integrate Cisco Duo at all.

Prior to Cisco Duo, I did not use another MFA solution; that was the first one.

I would describe the experience of deploying Cisco Duo as super simple. It was straightforward, one of the easiest consoles I ever had to implement.

I can still say that I have seen a return on investment from Cisco Duo, as having MFA is a basic requirement nowadays. MFA is considered state-of-the-art if you look at things such as GDPR or any other information security framework, so not having MFA means you cannot put a price tag on that because you will be hit with ransomware immediately.

My experience with the pricing, setup costs, and licensing of Cisco Duo is that we have it as part of an Enterprise License Agreement, so that is probably not comparable.

Before adopting Cisco Duo, I evaluated a couple of other solutions, but at that time, Cisco Duo won out primarily because it was available as part of the Enterprise License Agreement, and we were a big Cisco shop already.

I am not using Cisco Identity Intelligence.

I have not noticed an increase in phishing attacks recently in my organization because we are pretty well set up in terms of email protection.

I just learned about the Proximity Verification capability with Cisco Duo. We do not have it because we are already using Passkeys, so we no longer need Proximity Verification.

I did not deploy Cisco Duo Directory to manage the user identity.

I would give this review an overall rating of 8.

Our main use case for Cisco Duo is multi-factor authentication, specifically setting up Zero Trust for different users within our organization.

Duo features have specifically benefited our organization by allowing us to add security measures. Whenever you add something security-wise, it can add either more complexity or slow down access. Anything that we could quickly use simply and not have any interruption while trying to access a website has been beneficial.

The features of Cisco Duo that I prefer the most include the one-time passcodes and the push notifications, which are much quicker with Duo for some reason, making it my favorite aspect from a user experience standpoint. 

To improve Cisco Duo, the biggest consideration is the licensing standpoint; the most common issue I've found is customers not setting up the Active Directory sync properly, leading to inflated licensing usage when they try to delete inactive users that are still being charged. An additional feature that should be included in the next release of Cisco Duo is a password manager.

I've used hte solution for five years.

There has been no downtime, crashes, or performance issues with Cisco Duo.

Cisco Duo scales with the growing needs of our organization by making it easy to acquire more licensing, especially with an enterprise agreement, which allows built-in growth and minimizes worries about licensing as we expand. 

We have expanded usage of Cisco Duo; it has been smooth, and I have no complaints there, but to be fair, we are very familiar with Cisco ordering processes.

Compared to Cisco, the general support I experience is fantastic; I have no complaints about it.

Positive

Prior to adopting Cisco Duo, I was using Okta to address similar needs.

What stood out to me in the evaluation process when comparing solutions was Cisco Duo's simple integration with the Cisco ecosystem and the helpful documentation and learning resources available for our managed service team, especially a dropdown menu in the Duo dashboard that provides useful learning material.

The Active Directly sync is a bit difficult during implementation. Other than that, the deployment is smooth.

I can say that I have seen negative ROI with Cisco Duo since it adds an additional cost for customers who may find alternatives through Microsoft Defender; however, existing users of Duo remain happy with it and the integration with the rest of Cisco.

My experience with pricing, setup costs, and licensing has been complaint-free, although the biggest threat to Duo is Microsoft's EA, where their version of Duo is integrated, causing many friends to feel forced to stay within that ecosystem due to the reliance on calling, email, and Office.

Before selecting Cisco Duo, I considered Okta, which I found to be more expensive; they do have great features regarding identity and the app dashboard. However, in the end, mostly we have feature parity. 

Also, the way Microsoft integrates their enterprise agreement obligates users to stay with it rather than paying for additional products.

I did not purchase the product on AWS Marketplace.

Regarding new features or functionalities in Cisco Duo, we have not adopted anything recently from the end customer standpoint; we've had that setup from day one. 

I evaluate the benefit of having a complete passwordless environment in our organization by acknowledging that we have not gone passwordless yet.That will be a next step, although we want to learn more about it before implementation. My hesitation to going passwordless is due to a lack of knowledge and time to learn about it and implement a process to convert everybody over. Many of our internal employees aren't even using password managers, which is concerning, so transitioning them straight to passwordless is a challenge. 

We do not utilize the Advanced Identity Threat Detection and Response in Cisco Duo. We're primarily using Cisco Duo for multi-factor authentication, setting up different security levels for our IT team and different groups for access to various internal resources, however, we haven't implemented anything advanced with detection or response. 

I have not used Duo's conversational AI interface for admin tasks. 

My advice to other organizations considering Cisco Duo is to get the provisioning dialed in before deployment to avoid being hit with overages, as this has been the main struggle we've encountered, which I've seen in other organizations as well. 

On a scale of one to ten, I rate Cisco Duo a nine.

We use Cisco Duo for our single sign-on. We have it tied to our Okta, so users must first log in to Duo before accessing Okta.

Cisco Duo helps minimize the risk of attack vectors and prevents unauthorized access to our data since it's tied with multi-factor authentication, which helps block threats.

I appreciate the simple login feature of Cisco Duo; being able to log into your actual page and then having all your apps there is convenient. 

My experience with Cisco Duo's strong security authentication system has been easier. 

It's easier to log in. Cisco Duo is user-friendly; users simply put in their email address and are redirected to their Okta page, making it straightforward to use. It's hard to screw up.

Cisco Duo's Identity Intelligence capability to detect and respond to identity-based risks is good. While I don't necessarily use it directly, I'm sure we implement it, though it might not be noticeable unless specifically pointed out.

I'm not aware of any new features or functionalities of Cisco Duo that we have started using recently. I don't know if we utilize the Advanced Identity Threat Detection and Response feature. I have not used Cisco Duo's conversational AI interface for admin tasks.

I'd be interested in exploring the AI portion of Cisco Duo as that would make it more interesting, though it's already straightforward and user-friendly. General announcements when new features come out with Cisco Duo should be broadcasted to customers who are using it, which might bring more accessibility to their documents so users can be more in tune with updates.

We implemented Cisco Duo just over four years ago.

Cisco Duo is stable.

Cisco Duo is easily scalable; you can adjust the size quickly and easily. From a licensing standpoint, we have the true-up which makes it easier to increase licenses when needed.

I've never had to reach out to customer service and technical support, so I cannot speak to that aspect. The fact that I've never had to contact support since Cisco Duo has been in place indicates it's a stable, robust product.

Positive

We were put in a position where we needed Cisco Duo, so we adopted it.

I wasn't part of the deployment team. That said, from what I've heard, it wasn't that complicated.

The biggest return on investment when using Cisco Duo is what it protects you from overall. It keeps you safe, and that protection demonstrates its worth.

We don't have a complete passwordless environment in our company yet; we've implemented long passwords, however, we haven't eliminated passwords entirely.

I would rate Cisco Duo a ten out of ten.

My main use cases for Cisco Duo are two-factor authentication and single sign-on for different solutions.

The feature I like the most about Cisco Duo is the dashboard to have everything in one single place and manage multiple customers and multiple tenants simultaneously.

Cisco Duo benefits my organization because we do not have too many logins since everything is in one place and we can use Cisco Duo for VPN, applications, and cloud solutions. This is a main benefit and the core purpose of the product that we are utilizing.

I think Cisco Duo can be improved. I found the onboarding was very difficult, even for engineers who have been using similar solutions before. For our specific implementation, we needed to have multiple groups, multiple companies, and multiple third parties, and I felt that the examples and material provided were insufficiently detailed. The onboarding videos, materials, how-to guides, and documentation should be improved dramatically.

I have been using Cisco Duo for approximately three years.

I did not notice any downtime or crashes with Cisco Duo. We focused on making modifications and changes only during maintenance windows, and afterwards in production, we did not have any downtime.

Cisco Duo's scalability works well with the growth of our company and does not seem to have a limit. We could add as many users and as many sites as needed, so scalability is not an issue.

Before implementing Cisco Duo for this particular customer, I did not consider another solution. However, for other customers, we also use some open-source solutions and cloud providers, which unfortunately seem to be winning over Cisco Duo.

I cannot say I have seen a clear return on investment. However, as I was only the integrator, it is difficult for me to make an estimation on the customer's actual ROI. That said, considering that they did not have any more attacks, it is probably positive, but I am not able to fully evaluate that.

My experience with pricing, setup cost, and licensing for Cisco Duo is that it is not an expensive product. The issue was that we had a customer migrate away because they moved to one of the cloud providers for identity management as well. The difference in cost to upgrade to directory services on that platform was cheaper than having Cisco Duo. However, generally, if a customer is not tied to a specific cloud vendor, then the pricing is acceptable.

I do not recall seeing Cisco Identity Intelligence or using it.

I have noticed an increase in phishing attacks recently, and this was exactly the reason one of our customers asked us to implement Cisco Duo because they were attacked before and lost quite a bit of money. After that incident, we deployed Cisco Duo for them. While using Cisco Duo, we did not have any issues regarding other attacks.

When implementing Cisco Duo, I implemented end-to-end phishing resistance with the proximity verification as the full solution.

I deployed Cisco Duo Directory to manage user identity.

I am using it as an identity broker because we were not integrating to the customer's Active Directory. It was actually functioning as an identity proxy rather than as a directory per se.

The organization's overall cost for authentication was higher, but the indirect cost of being attacked and losing data is significantly greater.

I discovered new benefits after initial implementation when we started with basic VPN authentication and then developed many other flows based on that. We learned that there were not enough examples or documentation available so we could start from the beginning knowing everything about the product.

The deployment experience was complicated as it was a trial and error process. We had multiple existing systems, and for each system we wanted to integrate with Cisco Duo, the approach was different. One was connecting directly, one was using the API, one was using SAML, and one was using directory services, making the process quite challenging.

I would rate this review an eight out of ten.

My main use case for Cisco Duo is to protect the OT environment from remote access.

The feature I like the most about Cisco Duo is that I can choose which device I want to sign in.

It is valuable for me that I can choose because not all people have a corporate phone, so they can use their personal phone for access or different methods for performing second-factor authentication.

I can say that it is difficult to measure the direct return on investment, but what I can say is that we are safer and feel more comfortable having this security implemented than before.

I cannot think of any improvements for Cisco Duo at this time.

I have been using Cisco Duo for approximately half a year.

I do not have problems with stability or reliability. Being a cloud solution, I think it is difficult to have problems, and we also use Umbrella with Cisco, which is very reliable and has high availability.

The solution is scalable for our growth.

We used Okta sometime before Cisco Duo.

We used Okta in a different environment, and we finished our license; we were not seeing the need to keep using Okta. For this new environment, we chose Cisco because we wanted to have a homogeneous solution, and our colleagues in other countries were happy, so it was easy for us to choose.

The deployment experience was more difficult than we expected because we had some problems with the version of the OS that we have in our servers. We also had concerns about opening the mandatory connection to a specific URL and port from our OT environment.

My experience with the pricing, setup costs, and licensing is that the price is acceptable because the license is by user.

We were considering different solutions, but we are a global company, and in another place in our company, they were using Cisco Duo, so it was our first option because we want to have a homogeneous scenario.

I do not think I am using Cisco Identity Intelligence.

I have not seen an increase in phishing attacks recently; I think they are more or less constant, but not increasing, particularly in the last three or four months.

We have seen the number of phishing attacks increase every year, but I do not know if that surprises us; we are accustomed to having this type of risk.

I think I have deployed Duo Directory to manage the user identities.

I think I used it as an identity broker in front of the IDPs.

My review rating for Cisco Duo is 8.

My main use cases for Cisco Duo in my company start with multi-factor authentication, but I also have projects when I use Cisco Duo for things like mobile posture check and so on.

The features of Cisco Duo that I prefer the most include, first of all, 2FA. 2FA is pretty good because it is simple, and the simple way is what all users love. That is the top feature for Cisco Duo. I also appreciate all the features overall. I appreciate that with Cisco Duo, many people may think that it was just for 2FA, but now it functions as a full identity provider. That is a pretty good upgrade. I like the whole product and how it increases and develops on a huge scale.

I can tell you that for my company, these features benefit us because we work for other customers, so we help them to use these features. When we listen to the client and when we hear that there is something we can use, for example, Cisco Duo, it will be 2FA, it will be for device posture check, and so on. We are offering Cisco Duo straight away because, first of all, we have expertise in Cisco Duo, we know this product, and we have good experience with it.

I would think about how Cisco Duo can be improved, but currently, with all of its features, I believe that it is enough, more than enough. However, Cisco Duo is making surprising updates because you do not know that a feature exists, but then the next day you find out that it is available on Cisco Duo and it works very well.

I have been using Cisco Duo for more than three years, and it has been quite a good experience. The first time I had the opportunity to use this product, it was interesting that it was so easy to work with. I also have to mention that all the documentation that administrators or users would like to have is all available and easy to get. It is pretty easy.

I would assess the stability and reliability of Cisco Duo as excellent. For these three years that I have been working with Cisco Duo, I have not had any incident or downtime because of Cisco Duo being down.

Cisco Duo scales with the growing needs of my clients' companies very well. When we are starting to work with Cisco Duo, clients come to us and they are asking us for a multi-factor authentication solution. They start with this, but when they know the other features that are behind Cisco Duo, they learn that it is bigger than that and the features are more extensive. When our clients know the features, they are stepping towards using these new features progressively.

I would evaluate customer service and technical support, but I have not had the experience to work with them.

Negative

My clients chose Cisco Duo over Okta because we told them that Cisco Duo, in this case, is much better. Additionally, it is easy to work with.

I would describe the experience of deploying Cisco Duo as easy because I have mentioned several times that I appreciate Cisco Duo because it is so easy to work with. The deployment part is pretty easy. You have all this documentation, and you are just making several clicks and some changes, and you are up and running. You just have to deploy these mobile clients. The one thing Cisco Duo does not need to improve is the easiest part because I do not know what they can do to make it even easier.

I believe Cisco Duo has helped my company and my clients reduce their overall authentication-related costs. I would like to tell some numbers, but I am just an architect, and I do not have this kind of data.

My experience with pricing, setup cost, and licensing shows that pricing depends on the license. For the essential license, I think the pricing is pretty normal. Regarding the Premier licensing, it is a little bit pricey, but it is in the market range with the competitors.

Other solutions my clients consider before choosing Cisco Duo include competitors such as Okta, for example. Okta was the main competitor.

My advice for other companies that are considering getting Cisco Duo is to try it, and you will be amazed at how easy and how productive this tool is. I would rate this review a nine out of ten.

I have been using Cisco Duo for one of my customers for three years. I have integrated Cisco Duo with the on-premises Active Directory and I am using two authentication methods: one is by code and one is through push notifications on Android mobile phones or Apple iPhones. The authentication process is very smooth and secure.

When any request is made to log in for email, the request is integrated with Cisco Duo and asks the user to enter a code via their mobile phone. This is the purpose I am using it for, and it represents a very smooth and secure authentication method.

The method is simple and secure, only thing i want to say about pricing will be reduce for old customers

Cisco Duo has a capability for Duo Push. When it comes to authentication, you get a notification and you just need to approve or reject the request, which allows the process to go smoothly. Although Microsoft Authenticator also has this function, other authenticators do not.

Pricing is an area that needs improvement because the pricing is high. One of my customers recently received a billing statement for one year charging 3,600 US dollars for 100 users. In my case, it costs me around 300 US dollars monthly for 100 users.

Initial deployment was smooth from an MFA point of view. However, I faced a significant issue about a year back when I tried to integrate Cisco Duo with Citrix NetScaler and enable MFA for Citrix NetScaler integration. I encountered a lot of issues during the integration part and was unable to achieve that task due to a lack of documentation at that time. That project was eventually closed.

I am using Cisco Duo for one of my customers for three years.

I have not faced any issues with Cisco Duo so far. It is a very stable product and functions well.

Scalability is good with Cisco Duo.

The support process is very smooth. If I need any support, I can send an email to their support team and they reply on the same day. I normally send emails to billing support and have not needed to send support emails otherwise until now.

Neutral

I have used AuthLogics MFA as well. I am also using Google Authenticator and Microsoft Authenticator.

Cisco Duo is a very simple product to understand. I searched for information on Google and integrated it using the guide provided by Cisco Duo during my first implementation. If I need any support, I can send an email to their support team and they reply on the same day. The support process is very smooth and initial deployment is smooth from an MFA point of view.

Pricing needs improvement because it is high. One of my customers recently received a billing statement charging 3,600 US dollars for 100 users for one year. In my case, it costs me around 300 US dollars monthly for 100 users.

I have used AuthLogics MFA as well. I am also using Google Authenticator and Microsoft Authenticator.

My clients are requesting MFA on their emails, third-party emails they are using for HTTPS, for cloud emails or cloud logins with different applications. I recommend Cisco Duo to them because the process is very smooth with Cisco Duo. I give Cisco Duo a rating of 10.